CVE-2025-54013 — Cross-site Scripting in Welcart Welcart E-commerce

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 84.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Info Welcart Welcart E-commerce

Timeline

PublishedJul 16

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in info@welcart Welcart e-Commerce usc-e-shop allows Stored XSS.This issue affects Welcart e-Commerce: from n/a through <= 2.11.16.

Affected Packages1 packages

▶CVEListV5info_welcart/welcart_e-commerce2.11.16

🔴Vulnerability Details

GHSA

GHSA-7r5g-766r-x96m: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nanbu Welcart e-Commerce allows Stored XSS↗2025-07-16

▶

CVEList

WordPress Welcart e-Commerce plugin <= 2.11.16 - Cross Site Scripting (XSS) Vulnerability↗2025-07-16

▶